Количество 23
Количество 23
BDU:2023-02407
Уязвимость функции perf_group_detach() утилиты perf ядра операционных систем Linux, позволяющая нарушителю повысить свои привилегии
CVE-2023-2235
A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability. We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.
CVE-2023-2235
A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability. We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.
CVE-2023-2235
A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability. We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.
CVE-2023-2235
CVE-2023-2235
A use-after-free vulnerability in the Linux Kernel Performance Events ...
ROS-20230905-02
Множественные уязвимости ядра ОС
ROS-20230905-01
Множественные уязвимости ядра ОС
GHSA-hwwj-xrc2-6hxg
A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability. We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.
SUSE-SU-2023:3079-1
Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP4)
SUSE-SU-2023:3063-1
Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP4)
SUSE-SU-2023:3055-1
Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP4)
SUSE-SU-2023:3153-1
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5)
SUSE-SU-2023:3116-1
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5)
RLSA-2023:4517
Important: kernel security and bug fix update
ELSA-2023-4517
ELSA-2023-4517: kernel security and bug fix update (IMPORTANT)
ELSA-2023-3723
ELSA-2023-3723: kernel security and bug fix update (IMPORTANT)
SUSE-SU-2023:2231-1
Security update for the Linux Kernel
SUSE-SU-2023:2141-1
Security update for the Linux Kernel
SUSE-SU-2023:2140-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2023-02407 Уязвимость функции perf_group_detach() утилиты perf ядра операционных систем Linux, позволяющая нарушителю повысить свои привилегии | CVSS3: 7.8 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-2235 A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability. We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2. | CVSS3: 7.8 | 0% Низкий | около 2 лет назад |
 | CVE-2023-2235 A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability. We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2. | CVSS3: 7.8 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-2235 A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability. We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2. | CVSS3: 7.8 | 0% Низкий | около 2 лет назад |
 | CVSS3: 7.8 | 0% Низкий | около 2 лет назад | |
| CVE-2023-2235 A use-after-free vulnerability in the Linux Kernel Performance Events ... | CVSS3: 7.8 | 0% Низкий | около 2 лет назад |
 | ROS-20230905-02 Множественные уязвимости ядра ОС | CVSS3: 9.8 | почти 2 года назад | |
| ROS-20230905-01 Множественные уязвимости ядра ОС | CVSS3: 9.8 | почти 2 года назад | |
| GHSA-hwwj-xrc2-6hxg A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability. We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2. | CVSS3: 7.8 | 0% Низкий | почти 2 года назад |
 | SUSE-SU-2023:3079-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP4) | почти 2 года назад | ||
| SUSE-SU-2023:3063-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP4) | почти 2 года назад | ||
| SUSE-SU-2023:3055-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP4) | почти 2 года назад | ||
| SUSE-SU-2023:3153-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5) | почти 2 года назад | ||
| SUSE-SU-2023:3116-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5) | почти 2 года назад | ||
 | RLSA-2023:4517 Important: kernel security and bug fix update | больше 1 года назад | ||
| ELSA-2023-4517 ELSA-2023-4517: kernel security and bug fix update (IMPORTANT) | почти 2 года назад | ||
| ELSA-2023-3723 ELSA-2023-3723: kernel security and bug fix update (IMPORTANT) | почти 2 года назад | ||
| SUSE-SU-2023:2231-1 Security update for the Linux Kernel | около 2 лет назад | ||
| SUSE-SU-2023:2141-1 Security update for the Linux Kernel | около 2 лет назад | ||
| SUSE-SU-2023:2140-1 Security update for the Linux Kernel | около 2 лет назад |
Уязвимостей на страницу